Advisory ID: cisco-sa-20161221-cco CVE ID: CVE-2016-9223 CWE ID: CWE-264 CVSS Score: Base 9.3, Temporal 8.1 Severity: Critical Summary: The vulnerability in the Docker Engine configuration of Cisco CloudCenter Orchestrator (CCO) allows an unauthenticated, remote attacker to install Docker containers with high privileges on the affected system. Affected Products: This vulnerability affects all releases of CCO where the Docker Engine TCP port 2375 is open and bound to local address 0.0.0.0 (any interface). Indicators of Compromise: Administrators may detect a malicious Docker container using the command. Workarounds: Restrict the Docker Engine port to bind to localhost (127.0.0.1). Fixed Software: Fixed in CCO 4.6.2 patch release.